No Password Required: Building Trust at Intel and the Poker Table
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
Guidepost in Motion EP26: Privacy Matters Part 1: Privacy vs. Convenience
No Password Required: A Senior Product Manager at GitLab With an Instagram Alter Ego That Puts Her in Privacy Superhero Territory
Kidon Podcast: War stories on the cutting edge of IP monetization – David Cohen and Eric Stasik
Regulating the Internet of Things
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
SEP Litigation and the Internet of Things no.2
SEP Litigation and the Internet of Things
An Update On IOT Device Breaches, Framework, And Legislation
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
Jones Day Presents: Smart Contracts and Blockchain
Impact of the Internet of Things on the Insurance Industry
What’s Next?: Drones and transforming policy at GE
The Intersection of Wearable Technology and the Insurance Industry
Your Cyber Minute: Lessons learned from the automotive sector
Your Cyber Minute: Top threats for 2017
The Ever-Expanding Scope of Social Media Discovery
California has reached a $12.75 million settlement with General Motors over the company’s treatment of OnStar driving data. This case follows a similar settlement between the company and the Federal Trade Commission,...more
Mobility is the lifeblood of any city. How people are able to travel in, out and within a metropolitan area is vital to its citizens, businesses, supply chains and social services. And as U.S. cities have expanded in size and...more
A California court recently issued two important rulings in a lawsuit between a nonprofit organization and TV manufacturer Vizio over open source software....more
Every so often a law that was passed years ago quietly becomes a present-day compliance reality. Section 24220 of the 2021 Infrastructure Investment and Jobs Act is one of those laws. Tucked into an eleven-hundred-page...more
In a development that feels equal parts compliance update and rejected "Black Mirror" episode, Washington state has officially banned employers from requiring—or even "requesting"—employees to have "microchips" implanted—that...more
The International Consumer Product Health and Safety Organization (ICPHSO) recently held its 33rd Annual Meeting in Orlando, Florida. Nearly 800 delegates – regulators, manufacturers, retailers, online marketplaces, testing...more
Australia’s mandatory security standards for consumer smart devices commenced this week on 4 March 2026, introducing three baseline cyber requirements for consumer‑grade products that can directly or indirectly connect to the...more
Conceptually, you think of IoT devices, but the CRA has a far broader scope of application. In this article we examine one of the tricky nuances – distinguishing between a digital product and SaaS under the CRA. The EU’s...more
Our cross-sector team was on the ground in Las Vegas last month for CES 2026 to better understand the business and technological environment our clients face. Innovation is always the theme of CES, but this year the pace and...more
On December 3, 2025, the European Commission published its first set of technical FAQs on the EU Cyber Resilience Act (‘CRA’). The CRA is an EU-wide law which lays down cybersecurity requirements for ‘products with digital...more
The EU has entered a new phase of its digital strategy. With the EU Data Act (Regulation (EU) 2023/2854) (the “Data Act”) now applicable as of September 12, 2025, Europe is ushering in one of the most significant shifts in...more
The European Union Data Act took effect on September 12, 2025, ushering in sweeping new obligations for companies handling EU data. The Data Act is far from being an EU-only regulation....more
On November 28 2025, the European Commission adopted a regulation implementing the Cyber Resilience Act (‘CRA’) – an EU-wide law which lays down cybersecurity requirements for companies that design and sell ‘products with...more
On June 6, 2025, the regulatory landscape for manufacturers of connected devices changed significantly with the implementation of Executive Order 14306, which extends the reach of the Federal Communications Commission’s (FCC)...more
Steve Orrin is the federal chief technologist at Intel Corp., where he works with some of the largest IT and IS deployments in the world. In this episode, hosts Jack Clabby of Carlton Fields and Kayley Melton of the Cognitive...more
In today’s increasingly digital world, connected devices are an integral part of daily life. From smart speakers and thermostats to fitness trackers and home security cameras, these devices offer convenience and...more
Tyler Cook is the Assistant Program Director at Emory University’s Center for AI Learning and a Professional Fellow with Emory university’s Center for Ethics. Immediately prior to these appointments, Tyler was a Postdoctoral...more
The EU Data Act ushers in a sweeping new framework for access to and use of data from connected products and related services. Organizations, such as healthcare and life sciences companies, should prepare now, as many of the...more
This Essential Guide is part of Orrick’s Cybersecurity & Privacy Compass Series. The Cybersecurity & Privacy Compass is your global guide to the evolving cybersecurity and privacy regulatory landscape. ...more
If these walls could talk. And in the ‘connected’ buildings that continue to be of prime interest for real estate and infrastructure investors, the doors, the lights, the appliances, and much more beyond. In a recent survey...more
The European Union (EU) Data Act (EDA) came into force on January 11, 2024, and took effect on September 12, 2025. It is set to reshape how companies handle data generated by connected products, smart devices and cloud...more
The EU’s sweeping Data Act is now in force. In this part of our series highlighting the Data Act’s key issues, our Privacy, Cyber & Data Strategy Team highlights new obligations for companies whose connected products collect...more
Regulation (EU) 2023/2854 (the Data Act) entered into force on January 11, 2024, and applied from September 12, 2025, with certain provisions phased in through 2026 and 2027. The Data Act is intended to create a harmonized...more
The EU Data Act’s implementation date is already upon us. That’s right, it becomes applicable, in part, on September 12, 2025, marking a major milestone in Europe’s data transformation journey, impacting cloud services,...more
In this guide, we answer key questions about the European Data Act, which became applicable on 12 September, including what the Data Act covers, who is impacted and what businesses should do to comply....more